RSA^® enVision Discussions

Hi Delfin;

thank you for your response, answers for your Qs are:

Do you check the connectivity between RSA enVision machine and the Cisco IPS device over port 443?

I tried to telnet the IPS on port 443; the connection was successful, I also installed firefox on the envision VM and tried to get the XML file from the IPS through its web server and it was successful after providing the user and pass, noting that the same test on IE8 (because we have win server 2008 R2 SP1 64bit) was failed.

Do you check the SSL certificate on the CISCO IPS device are valid?

I do not know how to test the certificate, but it is ok from firefox, also when I connected to the IPS by firefox I exported the certificate and installed it to certificate manager mmc.

Do you check the user and password used to access data from RSA enVision into CISCO IPS are correct?

yes

Do you create the access list on CISCO IPS to authorize the access from RSA enVision into the CISCO IPS device?

yes, and I accessed the IPS xml by firefox from envision it self.

Do you started the rdep-event-server in CISCO IPS device?

yes

Do you put the Cisco Secure Ids.txt into the \default_NIC_directory\csd\config\sdees\templates\ directory?

yes

Thank You

BR

Rami

Hi Rami,

Do you look for errors on SDEE device conection in NIC System LOG??? You can get useful information there.!

Dear Delfin;

sorry for being late; But I cannot find the release notes for envision 4.1 SP1, the available one is for envision 4.1 only.

BR

Rami

Rami,

4.1 SP1 release notes are available in SCOL (Secur Care Online). Did you check in SCOL ?

Regards

Biju Vasudevan

******A Winhttpsendrequest error may be noted when the SDEE Collection Service is started****

Tracking Number: ENV-40884

Problem: When the SDEE collection service is started when an SDEE event source is added, Winhttpsendrequest

     error messages may be generated. This may occur on both Windows 2003 and Windows 2008.

Workaround: On Windows 2003, you must:

     Add the registry key UseScsvForTls under

     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL and set the value to

     1.

On Windows 2008, you must:

     1. Add the registry key UseScsvForTls under

     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL and set the

     value to 1.

     2. Modify the registry key FIPSAlgorithmPolicy value from 1 to 0 under

     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa

Rami

This case is very interesting. Do you add the key values to Windows Registry? Did this work?

Thanks for sharing your experience.

I am facing same problem even after applying the registry tweeks

I have the error